Mirrors/cobalt
1
0
Fork 0
mirror of https://github.com/wukko/cobalt.git synced 2024-11-06 00:10:02 +00:00
Code Issues Projects Releases Packages Wiki Activity

stream/manage: fix and clean up verifyStream function

Browse source 
- no longer throws an incorrect type of error
- checks whether cache exists before attempting to decrypt it
This commit is contained in:
wukko 2024-03-22 22:43:56 +06:00
parent 9234581c5e
commit 2ce033b754
1 changed files with 23 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
src/modules/stream/manage.js
View file

@ -5,6 +5,15 @@ import { nanoid } from 'nanoid';
import { decryptStream, encryptStream, generateHmac } from "../sub/crypto.js"; import { decryptStream, encryptStream, generateHmac } from "../sub/crypto.js";
import { streamLifespan } from "../config.js"; import { streamLifespan } from "../config.js";
const streamNoAccess = {
error: "i couldn't verify if you have access to this stream. go back and try again!",
status: 401
}
const streamNoExist = {
error: "this download link has expired or doesn't exist. go back and try again!",
status: 400
}
const streamCache = new NodeCache({ const streamCache = new NodeCache({
stdTTL: streamLifespan/1000, stdTTL: streamLifespan/1000,
checkperiod: 10, checkperiod: 10,
@ -61,29 +70,24 @@ export function createStream(obj) {
export function verifyStream(id, hmac, exp, secret, iv) { export function verifyStream(id, hmac, exp, secret, iv) {
try { try {
const ghmac = generateHmac(`${id},${exp},${iv},${secret}`, hmacSalt); const ghmac = generateHmac(`${id},${exp},${iv},${secret}`, hmacSalt);
const cache = streamCache.get(id.toString());
if (ghmac !== String(hmac)) { if (ghmac !== String(hmac)) return streamNoAccess;
return { if (!cache) return streamNoExist;
error: "i couldn't verify if you have access to this stream. go back and try again!",
status: 401
}
}
const streamInfo = JSON.parse(decryptStream(streamCache.get(id.toString()), iv, secret)); const streamInfo = JSON.parse(decryptStream(cache, iv, secret));
if (!streamInfo) return { if (!streamInfo) return streamNoExist;
error: "this download link has expired or doesn't exist. go back and try again!",
status: 400
}
if (String(exp) === String(streamInfo.exp) && Number(exp) > new Date().getTime()) { if (Number(exp) <= new Date().getTime())
return streamInfo; return streamNoExist;
}
return streamInfo;
}
catch (e) {
return { return {
error: "i couldn't verify if you have access to this stream. go back and try again!", error: "something went wrong and i couldn't verify this stream. go back and try again!",
status: 401 status: 500
} }
} catch (e) {
return { status: 500, body: { status: "error", text: "couldn't verify this stream. request a new one!" } };
} }
} }